Fortune Global Blind SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Fortune Global SQL injection Date: 17-04-2012 Author: CWpisagor Category:: Webapps Google dork: "© 2007 Fortune Global Ltd." inurl:index.php?subcategory=" Tested on: Windows 7 www.server.com/path/index.php?subcategory=SQL Exampl...

Joomla Estate Agent Component 'id' Parameter SQL Injection Vulnerability

This host is running Joomla The Estate Agent component and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomestateagentsqlinjvuln.nasl 6022 2017-04-25 12:51:04Z teissa $ Joomla Estate Agent Component 'id' Parameter SQL Injection Vulnerability Authors: Madhuri D...

Apache 2.5.9=>2.5.10(win) Xss Vulnerability

Exploit for multiple platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1...

'phpMoneyBooks' Local File Inclusion (CVE-2012-1669)

'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...

singapore v0.9.9a XSS / Read Admin / Password Panel

Exploit for php platform in category web applications Author : L3b-r1'z Title : singapore v0.9.9a Read Admin And Password Panel Email : email protected Dork : allintext: "Powered by singapore v0.9.9a" 127.0.0.1/PATH/index.php?gallery="alert'xss'...

phpPaleo Local File Inclusion (CVE-2012-1671)

Exploit for php platform in category web applications 'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a...

phpPaleo - Local File Inclusion

'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a null-byte attack on the 'lang' GET parameter. II...

Crea-Boutique - Persistent XSS Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

Geeklog 1.8.1 'index.php' SQL注入漏洞

Geeklog是免费开源的博客软件 Geeklog 'index.php'不正确过滤用户提交的输入，远程攻击者可以提交恶意SQL查询，更改原来的SQL逻辑，获得敏感信息或操作数据库，控制应用系统 0 Geeklog 1.8.1 厂商解决方案 目前没有详细解决方案提供： http://www.geeklog.net/ http://www.example.com/easyfile/index.php?folder=SQLI...

CoreCommerce SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title : CoreCommerce SQL injection Date : 22/03/2012 Author : ZeTH Contact : zeth/at/hacktheplan8/dot/com http://www.hacktheplan8.com Vendor : http://www.corecommerce.com Version : 3.0 d0rk : intext:"Powered by Core-Commerce"...

CoreCommerce SQL Injection

Exploit Title : CoreCommerce SQL injection Date : 22/03/2012 Author : ZeTH Contact : zeth/at/hacktheplan8/dot/com http://www.hacktheplan8.com Vendor : http://www.corecommerce.com Version : 3.0 d0rk : intext:"Powered by Core-Commerce"...

phpMoneyBooks 1.0.2 Local File Inclusion

Exploit for php platform in category web applications 'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a...

phpMoneyBooks 1.0.2 - Local File Inclusion

phpMoneyBooks 1.0.2 - Local File Inclusion 'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a...

phpMoneyBooks 1.0.2 - Local File Inclusion

'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...

Joomla! 'index.php'远程特权提升漏洞

Bugtraq ID: 52534 Joomla!是基于php+mysql模式的快速建站系统 Joomla!存在编程错误，允许攻击者利用此漏洞提升特权，执行某些未授权操作 0 Joomla! 2.5.2 Joomla! 2.5.1 Joomla! 2.5 厂商解决方案 Joomla! 2.5.3已经修复此漏洞，建议用户下载使用： http://www.joomla.org/announcements/release-news/5416-joomla-253-released.html...

Sql injection

SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter in a profile action to index.php...

CVE-2012-1790

CVE-2012-1790 affects Webgrind 1.0 and 1.0.2, enabling absolute path traversal via the file parameter to index.php. Exploitation allows reading arbitrary files; multiple sources (NVD, Veracode, PRION, CVE lists) corroborate the path traversal description. No vendor-specific patch/version is provi...

piwigo v.2.3.3 SQL Injector

Exploit for php platform in category web applications +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : piwigo SQL comments.php?displaymode=albums SQL 1 myerror...

AneCMS 2e2c583 - Local File Inclusion

AneCMS 2e2c583 - Local File Inclusion Exploit Title: AneCMS v.2e2c583 LFI exploit Date: 03.04.2012 Author: I2sec-PJH Software Link: https://github.com/AneGroup/AneCMS Version: v.2e2c583 ----------------------------------------------------- -Description vulnerabilities have been discovered in the...

Kuwebs 3.1.3 admin-index.php参数menu远程文件包含漏洞

No description provided by source...